OTTAWA — The head of Canada’s eavesdropping agency says a controversial effort to understand airport wireless systems did not breach the privacy of Canadians.
John Forster told a Senate committee Monday that Communications Security Establishment Canada was merely collecting electronic metadata — or data trails about messages — and not the actual content of those messages and calls.
A document obtained by CBC — originally leaked by former American spy contractor Edward Snowden — indicates the pilot project was intended to help the agency locate kidnappers and terrorists.
The CSEC slide presentation suggests information was taken from an unidentified Canadian airport’s free Wi-Fi system over a two-week period.
But Forster told the senators that’s not so.
“This exercise involved a snapshot of historical metadata collected from the global Internet,” he said.
“No data was collected through any monitoring of the operations of any airport — just part of our normal global collection.”
The spy agency was trying to build a mathematical model to help determine a communication pattern at a public location, in this case an airport, he said.
The May 2012 presentation says the project could help security officials zero in on a kidnapper based in a rural area who travelled to a city to make ransom calls.
Forster said intelligence officials know terrorists or hostage-takers will often use public spaces, like an airport or cafe, to access the Internet, “because they’re trying to hide in plain sight.”
“So the model is very helpful, it can save time or work in an incident where time is critical.”
The model has subsequently been used in at least two cases to identify legitimate foreign targets, he said.
Ottawa-based CSEC monitors foreign computer, satellite, radio and telephone traffic of people, states, organizations and terrorist groups for information of intelligence interest to Canada.
It is a key player in the Five Eyes intelligence network that includes partner agencies from the United States, Britain, Australia and New Zealand.
CSEC is forbidden from targeting the private communications of Canadians.
However, metadata is not considered a private communication for the spy service’s purposes.
Some civil libertarians and privacy advocates say the agency’s metadata monitoring is worrisome because even such seemingly innocuous material can reveal a lot about a person, such as their location and who they are contacting — in some cases even their religious or political beliefs.
Forster steadfastly denied CSEC was using metadata to build profiles of Canadians. In fact, metadata helps the agency screen out the content of Canadian messages, he said.
“I think metadata — in terms of a foreign signals intelligence agency — is pretty essential. We wouldn’t be able to find or locate foreign targets without it. It also helps us to make sure that we are not targeting Canadian private communications,” Forster said.
“We would not be using metadata to build profiles of Canadians, and their religious affinity and their political (allegiance).
“We have no interest in doing that. Our focus is to find foreign targets overseas.”
If the agency did abuse such information, CSEC’s own employees would be blowing the whistle, Forster said.
Earlier, Stephen Rigby, national security adviser to the prime minister, told the senators he was “not totally persuaded” that CSEC had “ tapped into” an airport Wi-Fi system.
After his appearance, Rigby said the collection of metadata has been “confirmed as being legal” and that CSEC had not broken the law.
Snowden, who once worked as a contractor on National Security Agency systems, leaked hundreds of documents about the NSA and its partners.
Rigby said during the committee hearing the revelations had “put a very intense spotlight” on how intelligence agencies work and with whom they collaborate.
“The disclosures raise a number of challenges for governments as they grapple with how to respond,” Rigby said.
“We need to take time to consider an appropriate response that is suited to our particular circumstances here in Canada.”
Forster said the leaks had prompted CSEC to review its dealings with outside contractors.
“So we’re going through that process now.”